Normal, non-nesting KVM deals with maintenance interrupt in a very simple way: we don't even try to handle it and just turn it off as soon as we exit, long before the kernel can handle it. However, with NV, we rely on the actual handling of the interrupt to leave it active and pass it down to the L1 guest hypervisor (we effectively treat it as an assigned interrupt, just like the timer). This doesn't work with something like the Apple M2, which doesn't have an active state that allows the interrupt to be masked. Instead, just disable the vgic after having taken the interrupt and injected a virtual interrupt. This is enough for the guest to make forward progress, but will limit its ability to handle further interrupts until it next exits (IAR will always report "spurious"). Oh well. Signed-off-by: Marc Zyngier <maz@xxxxxxxxxx> --- arch/arm64/kvm/vgic/vgic-v3-nested.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/arm64/kvm/vgic/vgic-v3-nested.c b/arch/arm64/kvm/vgic/vgic-v3-nested.c index b8f4dd39676c..ea76b1f7285c 100644 --- a/arch/arm64/kvm/vgic/vgic-v3-nested.c +++ b/arch/arm64/kvm/vgic/vgic-v3-nested.c @@ -264,4 +264,7 @@ void vgic_v3_handle_nested_maint_irq(struct kvm_vcpu *vcpu) kvm_vgic_inject_irq(vcpu->kvm, vcpu, vcpu->kvm->arch.vgic.maint_irq, state, vcpu); } + + if (unlikely(kvm_vgic_global_state.no_hw_deactivation)) + sysreg_clear_set_s(SYS_ICH_HCR_EL2, ICH_HCR_EN, 0); } -- 2.39.2